Alternatives and similar repositories for python-ssvc

Users that are interested in python-ssvc are comparing it to the libraries listed below

• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆79Updated last year
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆211Updated this week
• vishalgarg-sec / Software-Supply-Chain-Security
  A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…
  ☆137Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆166Updated last week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆177Updated 11 months ago
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆389Updated this week
• OWASP / OpenCRE
  ☆123Updated last week
• javixeneize / neo4cyclone
  ☆25Updated 2 years ago
• arnepadmos / threats
  An extensive list of resources related to threat modelling. Gotta catch ’em all!
  ☆40Updated last month
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆249Updated this week
• anchore / nvd-data-overrides
  ☆48Updated this week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆88Updated 3 weeks ago
• owaspsamm / core
  Core model including reused documentation
  ☆99Updated 4 months ago
• ksthk / one
  One Conference 2024
  ☆110Updated last year
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆95Updated 8 months ago
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆67Updated 4 months ago
• CycloneDX / sbom-utility
  Utility that provides an API platform for validating, querying and managing BOM data
  ☆121Updated last month
• aibom-squad / SBOM-for-AI-Use-Cases
  Repository for on-going work as part of the SBOM for AI Tiger Team effort.
  ☆39Updated 3 months ago
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆326Updated 3 weeks ago
• wiz-sec / open-cvdb
  An open project to list all publicly known cloud vulnerabilities and CSP security issues
  ☆364Updated last month
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆168Updated this week
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆150Updated 6 months ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated this week
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆111Updated last year
• xvnpw / ai-security-analyzer
  A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects
  ☆94Updated 2 weeks ago
• opengrep / opengrep-rules
  ☆91Updated 9 months ago
• duo-labs / narrow
  Low-effort reachability analysis for third-party code vulnerabilities.
  ☆21Updated 2 years ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆341Updated this week
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆128Updated 2 months ago
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆205Updated last week